Code:
/ WCF / WCF / 3.5.30729.1 / untmp / Orcas / SP / ndp / cdf / src / WCF / ServiceModel / System / ServiceModel / MessageSecurityOverTcp.cs / 1 / MessageSecurityOverTcp.cs
//------------------------------------------------------------ // Copyright (c) Microsoft Corporation. All rights reserved. //----------------------------------------------------------- namespace System.ServiceModel { using System; using System.ServiceModel.Channels; using System.ServiceModel.Security; using System.ServiceModel.Security.Tokens; using System.Net.Security; using System.Security.Principal; using System.Runtime.CompilerServices; public sealed class MessageSecurityOverTcp { internal const MessageCredentialType DefaultClientCredentialType = MessageCredentialType.Windows; MessageCredentialType clientCredentialType; SecurityAlgorithmSuite algorithmSuite; bool wasAlgorithmSuiteSet; internal MessageSecurityOverTcp() { clientCredentialType = DefaultClientCredentialType; algorithmSuite = SecurityAlgorithmSuite.Default; } public MessageCredentialType ClientCredentialType { get { return this.clientCredentialType; } set { if (!MessageCredentialTypeHelper.IsDefined(value)) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("value")); } this.clientCredentialType = value; } } public SecurityAlgorithmSuite AlgorithmSuite { get { return this.algorithmSuite; } set { if (value == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("value"); } this.algorithmSuite = value; wasAlgorithmSuiteSet = true; } } internal bool WasAlgorithmSuiteSet { get { return this.wasAlgorithmSuiteSet; } } [MethodImpl(MethodImplOptions.NoInlining)] internal SecurityBindingElement CreateSecurityBindingElement(bool isSecureTransportMode, bool isReliableSession, BindingElement transportBindingElement) { SecurityBindingElement result; SecurityBindingElement oneShotSecurity; if (isSecureTransportMode) { switch (this.clientCredentialType) { case MessageCredentialType.None: throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ClientCredentialTypeMustBeSpecifiedForMixedMode))); case MessageCredentialType.UserName: oneShotSecurity = SecurityBindingElement.CreateUserNameOverTransportBindingElement(); break; case MessageCredentialType.Certificate: oneShotSecurity = SecurityBindingElement.CreateCertificateOverTransportBindingElement(); break; case MessageCredentialType.Windows: oneShotSecurity = SecurityBindingElement.CreateSspiNegotiationOverTransportBindingElement(true); break; case MessageCredentialType.IssuedToken: oneShotSecurity = SecurityBindingElement.CreateIssuedTokenOverTransportBindingElement(IssuedSecurityTokenParameters.CreateInfoCardParameters(new SecurityStandardsManager(), this.algorithmSuite)); break; default: DiagnosticUtility.DebugAssert("unknown ClientCredentialType"); throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException()); } result = SecurityBindingElement.CreateSecureConversationBindingElement(oneShotSecurity); } else { switch (this.clientCredentialType) { case MessageCredentialType.None: oneShotSecurity = SecurityBindingElement.CreateSslNegotiationBindingElement(false, true); break; case MessageCredentialType.UserName: // require cancellation so that impersonation is possible oneShotSecurity = SecurityBindingElement.CreateUserNameForSslBindingElement(true); break; case MessageCredentialType.Certificate: oneShotSecurity = SecurityBindingElement.CreateSslNegotiationBindingElement(true, true); break; case MessageCredentialType.Windows: // require cancellation so that impersonation is possible oneShotSecurity = SecurityBindingElement.CreateSspiNegotiationBindingElement(true); break; case MessageCredentialType.IssuedToken: oneShotSecurity = SecurityBindingElement.CreateIssuedTokenForSslBindingElement(IssuedSecurityTokenParameters.CreateInfoCardParameters(new SecurityStandardsManager(), this.algorithmSuite), true); break; default: DiagnosticUtility.DebugAssert("unknown ClientCredentialType"); throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException()); } result = SecurityBindingElement.CreateSecureConversationBindingElement(oneShotSecurity, true); } // set the algorithm suite and issued token params if required result.DefaultAlgorithmSuite = oneShotSecurity.DefaultAlgorithmSuite = this.AlgorithmSuite; result.IncludeTimestamp = true; if (!isReliableSession) { result.LocalServiceSettings.ReconnectTransportOnFailure = false; result.LocalClientSettings.ReconnectTransportOnFailure = false; } else { result.LocalServiceSettings.ReconnectTransportOnFailure = true; result.LocalClientSettings.ReconnectTransportOnFailure = true; } // since a session is always bootstrapped, configure the transition sct to live for a short time only oneShotSecurity.LocalServiceSettings.IssuedCookieLifetime = SpnegoTokenAuthenticator.defaultServerIssuedTransitionTokenLifetime; result.MessageSecurityVersion = MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11; oneShotSecurity.MessageSecurityVersion = MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11; return result; } internal static bool TryCreate(SecurityBindingElement sbe, bool isReliableSession, BindingElement transportBindingElement, out MessageSecurityOverTcp messageSecurity) { messageSecurity = null; if (sbe == null) return false; // do not check local settings: sbe.LocalServiceSettings and sbe.LocalClientSettings if (!sbe.IncludeTimestamp) return false; if (sbe.MessageSecurityVersion != MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11 && sbe.MessageSecurityVersion != MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10) { return false; } if (sbe.SecurityHeaderLayout != SecurityProtocolFactory.defaultSecurityHeaderLayout) return false; MessageCredentialType clientCredentialType; SecurityBindingElement bootstrapSecurity; if (!SecurityBindingElement.IsSecureConversationBinding(sbe, true, out bootstrapSecurity)) return false; bool isSecureTransportMode = bootstrapSecurity is TransportSecurityBindingElement; IssuedSecurityTokenParameters infocardParameters; if (isSecureTransportMode) { if (SecurityBindingElement.IsUserNameOverTransportBinding(bootstrapSecurity)) clientCredentialType = MessageCredentialType.UserName; else if (SecurityBindingElement.IsCertificateOverTransportBinding(bootstrapSecurity)) clientCredentialType = MessageCredentialType.Certificate; else if (SecurityBindingElement.IsSspiNegotiationOverTransportBinding(bootstrapSecurity, true)) clientCredentialType = MessageCredentialType.Windows; else if (SecurityBindingElement.IsIssuedTokenOverTransportBinding(bootstrapSecurity, out infocardParameters)) { if (!IssuedSecurityTokenParameters.IsInfoCardParameters(infocardParameters)) return false; clientCredentialType = MessageCredentialType.IssuedToken; } else { // the standard binding does not support None client credential type in mixed mode return false; } } else { if (SecurityBindingElement.IsUserNameForSslBinding(bootstrapSecurity, true)) clientCredentialType = MessageCredentialType.UserName; else if (SecurityBindingElement.IsSslNegotiationBinding(bootstrapSecurity, true, true)) clientCredentialType = MessageCredentialType.Certificate; else if (SecurityBindingElement.IsSspiNegotiationBinding(bootstrapSecurity, true)) clientCredentialType = MessageCredentialType.Windows; else if (SecurityBindingElement.IsIssuedTokenForSslBinding(bootstrapSecurity, true, out infocardParameters)) { if (!IssuedSecurityTokenParameters.IsInfoCardParameters(infocardParameters)) return false; clientCredentialType = MessageCredentialType.IssuedToken; } else if (SecurityBindingElement.IsSslNegotiationBinding(bootstrapSecurity, false, true)) clientCredentialType = MessageCredentialType.None; else return false; } messageSecurity = new MessageSecurityOverTcp(); messageSecurity.ClientCredentialType = clientCredentialType; // set the algorithm suite and issued token params if required if (clientCredentialType != MessageCredentialType.IssuedToken) { messageSecurity.algorithmSuite = bootstrapSecurity.DefaultAlgorithmSuite; } return true; } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. // Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu

This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- AsymmetricSignatureFormatter.cs
- CfgParser.cs
- safesecurityhelperavalon.cs
- EventManager.cs
- ToolbarAUtomationPeer.cs
- DataGridViewRowPostPaintEventArgs.cs
- TokenBasedSetEnumerator.cs
- SerializationObjectManager.cs
- ErrorStyle.cs
- IndexerNameAttribute.cs
- TextDecorationCollection.cs
- ColumnMap.cs
- unitconverter.cs
- CapabilitiesUse.cs
- Graph.cs
- RichTextBoxConstants.cs
- WpfSharedXamlSchemaContext.cs
- QfeChecker.cs
- DiscoveryOperationContextExtension.cs
- SerializationTrace.cs
- DataSourceHelper.cs
- Stack.cs
- DateTimeOffsetConverter.cs
- PropertyKey.cs
- InstallerTypeAttribute.cs
- VerificationException.cs
- EventDescriptorCollection.cs
- FixedFindEngine.cs
- ExternalDataExchangeClient.cs
- WebPartConnectionsCloseVerb.cs
- OperationPickerDialog.designer.cs
- BindingNavigator.cs
- WCFModelStrings.Designer.cs
- CancellableEnumerable.cs
- AssemblyFilter.cs
- SqlXmlStorage.cs
- TreeNodeConverter.cs
- FileFormatException.cs
- MessageSecurityProtocolFactory.cs
- Geometry.cs
- CodeDefaultValueExpression.cs
- FormsAuthenticationModule.cs
- Object.cs
- MetadataItemEmitter.cs
- Page.cs
- DesignerDataStoredProcedure.cs
- CurrencyWrapper.cs
- FormattedTextSymbols.cs
- CssTextWriter.cs
- HtmlAnchor.cs
- Exceptions.cs
- basenumberconverter.cs
- NavigationPropertyEmitter.cs
- CollectionChangeEventArgs.cs
- Internal.cs
- BooleanToVisibilityConverter.cs
- ComponentEditorForm.cs
- VBCodeProvider.cs
- ScrollProperties.cs
- XmlAutoDetectWriter.cs
- OutKeywords.cs
- HijriCalendar.cs
- Accessible.cs
- NativeMethods.cs
- Visual.cs
- AlternateViewCollection.cs
- ActionFrame.cs
- Byte.cs
- SocketInformation.cs
- ReaderWriterLockWrapper.cs
- AdornerDecorator.cs
- ContentHostHelper.cs
- ButtonChrome.cs
- HtmlElement.cs
- PrintDialog.cs
- RecordManager.cs
- PageContentAsyncResult.cs
- InkCanvas.cs
- LoginDesignerUtil.cs
- safemediahandle.cs
- DataGridViewCellConverter.cs
- NotImplementedException.cs
- Buffer.cs
- XmlByteStreamWriter.cs
- XmlCollation.cs
- CommandTreeTypeHelper.cs
- ItemsControlAutomationPeer.cs
- XmlSchemaSequence.cs
- BindingNavigatorDesigner.cs
- GenericIdentity.cs
- ToolStripProgressBar.cs
- DesignerWithHeader.cs
- SqlCommand.cs
- PropertyMetadata.cs
- OracleFactory.cs
- HttpDebugHandler.cs
- FileDialogCustomPlacesCollection.cs
- TemplatedControlDesigner.cs
- DispatcherEventArgs.cs
- MappingException.cs